integration-patterns-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No malicious override patterns or instructions to bypass safety guidelines were found. The skill maintains strict boundaries between data integration patterns and other domains (streaming, orchestration).
- [Data Exposure & Exfiltration] (SAFE): The skill emphasizes the use of environment variables and secret managers for credentials. All code examples use placeholders (e.g., ACCOUNT_ID, myorg, 001XXX) and avoid hardcoding sensitive information.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data via webhooks and API responses (e.g., Stripe, Salesforce).
- Ingestion points: Webhook endpoints (enterprise-connectors.md), REST API resources (dlt-pipelines.md).
- Boundary markers: SKILL.md explicitly instructs to 'enforce schema validation at boundaries'.
- Capability inventory: Patterns include network requests (requests.post) and data loading (dlt.pipeline).
- Sanitization: enterprise-connectors.md mandates signature verification (stripe.Webhook.construct_event) and idempotency checks.
- [Unverifiable Dependencies] (SAFE): Recommended libraries (requests, tenacity, kafka-python, dlt, pydantic) are standard, well-maintained packages in the data engineering ecosystem.
- [Obfuscation] (SAFE): No hidden or encoded content (Base64, zero-width characters, or homoglyphs) was detected.
Audit Metadata